zav7j.qzgxqt.com Open in urlscan Pro
185.56.234.205 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://llink.to/?u=https%3A%2F%2Fspiculum.net%2FSNCC%2Fshahil.maredia%2Fc2hhaGlsLm1hcmVkaWFAZWNsaW5pY2Fsd29ya3Mu...
Effective URL:
https://zav7j.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=stea...
Submission: On June 20 via manual (June 20th 2023, 12:43:50 pm UTC) from IN — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 33 HTTP transactions. The main IP is 185.56.234.205, located in Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is zav7j.qzgxqt.com.
TLS certificate: Issued by R3 on June 16th 2023. Valid for: 3 months.

This is the only time zav7j.qzgxqt.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.199.110.153 185.199.110.153	54113 (FASTLY) (FASTLY)
1	2606:4700:310... 2606:4700:3108::ac42:286a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:1901:0:e... 2600:1901:0:e8fb::	15169 (GOOGLE) (GOOGLE)
1	104.206.225.156 104.206.225.156	62904 (AS62904) (AS62904)
1	91.238.104.193 91.238.104.193	50321 (BYTES-AS) (BYTES-AS)
2	194.135.30.210 194.135.30.210	50321 (BYTES-AS) (BYTES-AS)
10	185.56.234.205 185.56.234.205	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9165:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
11	2606:4700:303... 2606:4700:3033::6815:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9166:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
33	11

1 185.199.110.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-110-153.github.com

llink.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:286a (United States)

ASN13335 (CLOUDFLARENET, US)

track.salesflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e8fb:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.salesflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.206.225.156 (United States)

ASN62904 (AS62904, US)
PTR: start.beamerchandise.com

spiculum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.238.104.193 (Ukraine)

ASN50321 (BYTES-AS, UA)

collect.clickandanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.135.30.210 (Madrid, Spain)

ASN50321 (BYTES-AS, UA)

statistic.scriptsplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
get.clickandanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.56.234.205 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t8odj.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rc4mo.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1k96d.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8vdjo.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rcx74.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yknqi.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dvqy1.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
457lm.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zav7j.qzgxqt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9165:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

azkcqs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3033::6815:190e (United States)

ASN13335 (CLOUDFLARENET, US)

ulmoyc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9166:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ecrwqu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	ulmoyc.com ulmoyc.com — Cisco Umbrella Rank: 35880	52 KB
10	qzgxqt.com qzgxqt.com t8odj.qzgxqt.com rc4mo.qzgxqt.com 1k96d.qzgxqt.com 8vdjo.qzgxqt.com rcx74.qzgxqt.com yknqi.qzgxqt.com dvqy1.qzgxqt.com 457lm.qzgxqt.com zav7j.qzgxqt.com	129 KB
2	clickandanalytics.com collect.clickandanalytics.com — Cisco Umbrella Rank: 276000 get.clickandanalytics.com Failed	3 KB
2	salesflare.com track.salesflare.com api.salesflare.com — Cisco Umbrella Rank: 734882	10 KB
1	ecrwqu.com ecrwqu.com — Cisco Umbrella Rank: 223408	307 B
1	azkcqs.com azkcqs.com — Cisco Umbrella Rank: 21147	101 B
1	scriptsplatform.com statistic.scriptsplatform.com — Cisco Umbrella Rank: 241116	2 KB
1	spiculum.net spiculum.net Failed	766 B
1	llink.to llink.to	645 B
0	psxcvb.com Failed psxcvb.com Failed
33	10

	Domain	Requested by
11	ulmoyc.com	qzgxqt.com ulmoyc.com t8odj.qzgxqt.com rc4mo.qzgxqt.com 1k96d.qzgxqt.com 8vdjo.qzgxqt.com rcx74.qzgxqt.com yknqi.qzgxqt.com dvqy1.qzgxqt.com 457lm.qzgxqt.com zav7j.qzgxqt.com
1	ecrwqu.com	zav7j.qzgxqt.com
1	zav7j.qzgxqt.com	457lm.qzgxqt.com
1	457lm.qzgxqt.com	dvqy1.qzgxqt.com
1	dvqy1.qzgxqt.com	yknqi.qzgxqt.com
1	yknqi.qzgxqt.com	rcx74.qzgxqt.com
1	rcx74.qzgxqt.com	8vdjo.qzgxqt.com
1	8vdjo.qzgxqt.com	1k96d.qzgxqt.com
1	1k96d.qzgxqt.com	rc4mo.qzgxqt.com
1	rc4mo.qzgxqt.com	t8odj.qzgxqt.com
1	t8odj.qzgxqt.com	qzgxqt.com
1	azkcqs.com	qzgxqt.com
1	qzgxqt.com
1	get.clickandanalytics.com	statistic.scriptsplatform.com
1	statistic.scriptsplatform.com	collect.clickandanalytics.com
1	collect.clickandanalytics.com	spiculum.net
1	api.salesflare.com	track.salesflare.com
1	spiculum.net	track.salesflare.com
1	track.salesflare.com	llink.to
1	llink.to
0	psxcvb.com Failed	zav7j.qzgxqt.com
33	21

This site contains no links.

Subject Issuer	Validity	Valid
llink.to R3	`2023-05-31` - `2023-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-20` - `2024-03-19`	a year	crt.sh
api.salesflare.com GTS CA 1D4	`2023-05-31` - `2023-08-29`	3 months	crt.sh
spiculum.net cPanel, Inc. Certification Authority	`2023-05-13` - `2023-08-11`	3 months	crt.sh
collect.clickandanalytics.com R3	`2023-05-24` - `2023-08-22`	3 months	crt.sh
statistic.scriptsplatform.com R3	`2023-05-15` - `2023-08-13`	3 months	crt.sh
get.clickandanalytics.com R3	`2023-06-17` - `2023-09-15`	3 months	crt.sh
qzgxqt.com R3	`2023-06-16` - `2023-09-14`	3 months	crt.sh
azkcqs.com R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
ecrwqu.com R3	`2023-05-16` - `2023-08-14`	3 months	crt.sh

This page contains 1 frames:

Frame: https://psxcvb.com/fp.html?rid=4950963469946864290_2&sd=aHR0cHM6Ly9lY3J3cXUuY29t&ru=aHR0cDovL3RyYWZmLjQwdHJrLmNvbS9jL2QxMDI1Njk2MmNiODY0YTQ/Q0xJQ0tJRD1hMl80OTUwOTYzNDY5OTQ2ODY0MjkwXzQ1NjI4NV8yXzAmQ1BDPTAuMDAxMyZTT1VSQ0VfSUQ9YTQ1NjI4NSZDQU1QQUlHTl9JRD04NTg0MzUmQ1BDPTAuMDAxMyZaT05FX0lEPWE0NTYyODUmQ1JFQVRJVkVfSUQ9e0NSRUFUSVZFX0lEfQ==
Frame ID: B413BCFC18536AC94BEEB757EC0615AB
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://llink.to/?u=https%3A%2F%2Fspiculum.net%2FSNCC%2Fshahil.maredia%2Fc2hhaGlsLm1hcmVkaWFA... Page URL
https://spiculum.net/SNCC/shahil.maredia/c2hhaGlsLm1hcmVkaWFAZWNsaW5pY2Fsd29ya3MuY29t Page URL
https://get.clickandanalytics.com/f8c5xq Page URL
https://qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://t8odj.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://rc4mo.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://1k96d.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://8vdjo.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://rcx74.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://yknqi.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://dvqy1.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://457lm.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL
https://zav7j.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNy... Page URL

Page Statistics

33
Requests

91 %
HTTPS

50 %
IPv6

10
Domains

21
Subdomains

11
IPs

4
Countries

198 kB
Transfer

417 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://llink.to/?u=https%3A%2F%2Fspiculum.net%2FSNCC%2Fshahil.maredia%2Fc2hhaGlsLm1hcmVkaWFAZWNsaW5pY2Fsd29ya3MuY29t Page URL
https://spiculum.net/SNCC/shahil.maredia/c2hhaGlsLm1hcmVkaWFAZWNsaW5pY2Fsd29ya3MuY29t Page URL
https://get.clickandanalytics.com/f8c5xq Page URL
https://qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat Page URL
https://t8odj.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=1 Page URL
https://rc4mo.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=2 Page URL
https://1k96d.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=3 Page URL
https://8vdjo.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=4 Page URL
https://rcx74.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=5 Page URL
https://yknqi.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=6 Page URL
https://dvqy1.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=7 Page URL
https://457lm.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=8 Page URL
https://zav7j.qzgxqt.com/checking-browser?h=waWQiOjEwNTQwMzAsInNpZCI6MTIyMjYzNCwid2lkIjo0NTYyODUsInNyYyI6Mn0=eyJ&si1=steaven&si2=tranybat&i=9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://ecrwqu.com/cuclc?aid=4950963469946864290&t=1687265026&s=858435 HTTP 302
https://psxcvb.com/fp.html?rid=4950963469946864290_2&sd=aHR0cHM6Ly9lY3J3cXUuY29t&ru=aHR0cDovL3RyYWZmLjQwdHJrLmNvbS9jL2QxMDI1Njk2MmNiODY0YTQ/Q0xJQ0tJRD1hMl80OTUwOTYzNDY5OTQ2ODY0MjkwXzQ1NjI4NV8yXzAmQ1BDPTAuMDAxMyZTT1VSQ0VfSUQ9YTQ1NjI4NSZDQU1QQUlHTl9JRD04NTg0MzUmQ1BDPTAuMDAxMyZaT05FX0lEPWE0NTYyODUmQ1JFQVRJVkVfSUQ9e0NSRUFUSVZFX0lEfQ==

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
llink.to/ 528 B
645 B 43ms
9ms Document
text/html 185.199.110.153
FASTLY

General

Domain/Path	Expires	Name / Value
spiculum.net/	1970-01-20 12:41:33	Name: simpeladus1 Value: 1
get.clickandanalytics.com/	1970-01-20 13:25:43	Name: _subid Value: 39hiq3g23qj81
get.clickandanalytics.com/	1970-01-20 22:17:05	Name: 704bf Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE3XCI6MTY4NzI2NTAyNX0sXCJjYW1wYWlnbnNcIjp7XCI0XCI6MTY4NzI2NTAyNX0sXCJ0aW1lXCI6MTY4NzI2NTAyNX0ifQ.viahlQH920dUKBXwgjg8ILjp12pQbdAH9QS1Hg1hwKA
.qzgxqt.com/	1970-01-20 12:42:31	Name: truniq Value: 1
.qzgxqt.com/	1970-01-20 21:26:41	Name: prompt Value: 1
.qzgxqt.com/	1970-01-20 12:51:09	Name: ufp2 Value: 7587c7ed00216e28c8de2401f782e624ddbc1f42

zav7j.qzgxqt.com Open in urlscan Pro 185.56.234.205 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

33 Requests

91 %HTTPS

50 %IPv6

10 Domains

21 Subdomains

11 IPs

4 Countries

198 kBTransfer

417 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zav7j.qzgxqt.com Open in urlscan Pro
185.56.234.205 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

91 %
HTTPS

50 %
IPv6

10
Domains

21
Subdomains

11
IPs

4
Countries

198 kB
Transfer

417 kB
Size

6
Cookies

33 HTTP transactions
0 data transactions